The security considerations we would like to discuss in this blog post cover these two aspects:

securing the IT environment of the data publisher organisation

security (in the sense of „protection“) of the published data

Basis for security evaluation is finding that the data publication and subsequent interaction with the users who work with these data almost always lies in different security context than production data processing in the organization. Read More

While there are many interesting technical topics – eg. producing data linked to other data, automating datasets transformations, data quality assessment, data enrichment – for sure the crucial point is to make content of published datasets easily accessible to users.

In current practice there are two distinct methods how to facilitate access to the data:

batch access implemented by making available files with contents of dataset

query based access to selected parts of data available through application interface (APIs)

In a number of countries, access to information is a right guaranteed by the Constitution. Constitutions often guarantee conflicting rights as well, such as the right to
privacy, so these are sometimes in tension and have to be properly balanced. When it comes to government information, countries typically have Freedom of Information Acts (FOIAs) that regulate in more detail who can request information, who has the legal obligation to provide it, under which circumstances, etc.

For instance in Slovakia, FOIA guarantees access to information to “everyone”: the citizenship or legal age are not a limitation, and neither is personhood. A foreigner, a child, or even a company can request information. However, FOIAs may not always regulate the electronic (digital) availability of data: Read More